<?php
/**
 * 验证登录
 */
session_start();
require "../util/DBUtil.php";

//获取表单值
$ver = $_POST['ver'];
if ($ver!=$_SESSION['reply']){ //验证码输入不正确
    header('Location: ../error.php?error=404');
}
$username = $_POST['userName'];
$pwd = $_POST['password'];
$accout_type = $_POST['account_type'];
$sql = "";
if ($accout_type==0){//学生登录
    $sql = "select * from tb_student where student_no=? and password=?";
}elseif ($accout_type==1){//管理员登录
    $sql = "select * from tb_admin where username=? and password=?";
}elseif ($accout_type==2){//教师登录
    $sql = "select * from tb_teacher where teacher_no=? and password=?";
}
$pram = array($username, $pwd);
$check_user = new DBUtil();
$login_user = $check_user->query($sql, $pram)[0];
//print_r($login_user);
if (count($login_user) != 0) {
    $_SESSION['login_type'] = $accout_type;
    $_SESSION['login_user'] = serialize($login_user);   //序列化并存到session中
    $_SESSION['visitor'] = 1;//访问量控制
//    echo $_SESSION['login_user']."----";
//    print_r(unserialize($_SESSION['login_user']));
    header("Location: ../index.php");
} else {
    echo "<script>alert('账号或密码错误');history.back();</script>";
}
$check_user->close();



